package com.yun.zf.system.security.token;

import com.yun.zf.common.admin.domain.LoginUser;
import com.yun.zf.common.app.model.wechat.WeChatUserInfoMo;
import lombok.Getter;
import lombok.Setter;
import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;

import java.util.Collection;

@Getter
@Setter
public class WxAppletAuthenticationToken  extends AbstractAuthenticationToken {
    private LoginUser user;
    private WeChatUserInfoMo userInfoMo;
    private String sessionKey;

    public WxAppletAuthenticationToken(Collection<? extends GrantedAuthority> authorities) {
        super(authorities);
        super.setAuthenticated(false);
    }

    public WxAppletAuthenticationToken(WeChatUserInfoMo userInfoMo) {
        super(null);
        this.userInfoMo = userInfoMo;
        //关键：标记未认证
        super.setAuthenticated(false);
    }


    // todo ，采坑 ，如果验证通过，在 provider 再次放入token 中的时候一定要设置 super.setAuthenticated(true); 为true ,否则jwt 验证完成之后会再次进入自定义的provider
    public WxAppletAuthenticationToken( LoginUser user,String sessionKey,Collection<? extends GrantedAuthority> authorities) {
        super(authorities);
        this.user = user;
        this.sessionKey= sessionKey;
        //关键：标记已认证
        super.setAuthenticated(true);
    }

    public Object getCredentials() {
        return this.user.getOpendId();
    }

    public Object getPrincipal() {
        return this.getUser();
    }

    public void setAuthenticated(boolean isAuthenticated) throws IllegalArgumentException {
        if (isAuthenticated) {
            throw new IllegalArgumentException(
                    "Cannot set this token to trusted - use constructor which takes a GrantedAuthority list instead");
        }

        super.setAuthenticated(false);
    }

    @Override
    public void eraseCredentials() {
        super.eraseCredentials();
    }


}
